More like this

Umpteen tools to fight VM sprawl

There's a virtual machine born every minute

Hyper-V bundle of joy

Now that Hyper-V Server 2008 R2 has been pushed out this week to try to steal some thunder from VMware's vSphere and ESX Server 4.0 products, Microsoft needs to get its management-tools act together because now that Hyper-V has live migration and high-availability failover, companies are actually going to start using it.

And so Microsoft has announced a little something called System Center Essentials Management Suite, which combines its basic System Center Essentials 2007 tool with the System Center Virtual Machine Manager 2008 Workgroup Edition plug-in for managing Hyper-V.

The suite also includes a free upgrade through channel partners to System Center Essentials 2010 when it comes to market in the second quarter of next year. The promotion will be available starting on October 1, and Fujitsu and Lenovo are first up peddling the upgrade protection; others will no doubt follow.

According to Microsoft, the bundling of the tools when bought from Microsoft costs $2,868, with SCVMM retailing for $869; OEM suppliers are expected to sell it for less. Those getting the tools through Microsoft's volume licensing deals can expect can get SCVMM Workgroup Edition for $505, and the suite plus two years of Software Assurance would retail for about $3,500, with volume discounting prices as low as $2,000 a pop.

Whatever happened to a product with a price someone could understand?

Throwing Project Javelin over the wall

Many of the guys who created the Red Hat commercial Linux distribution are up the road from Red Hat at a company called rPath, which created this neat variant of Linux with its own repository for creating and patching applications. rPath has been selling the tool to ISVs who are constantly mucking around in their code, but who want some kind of release automation to control how this code is rolled out.

While this is a good-enough business, now rPath wants to position its rPath Builder repository as a means of performing software-release automation within enterprises that are managing their own application stacks.

"The idea is to fill in the gaps between apps and ops," says Jake Sorofman, vice president of marketing at rPath. "Change is the devil in the enterprise. Programmers create these works of art, and then they throw it over the wall to the operations people. There is no version control for both sides of the data center, and when things break, you can't troubleshoot or do rollback."

Which is why virtualization is so popular in the development and test environment, by the way.

The thing about using rPath as a release-automation tool is that because the repository controls all of the applications, it is akin to a version-control system for deployed applications, much as programmers have version control for the code they test on the apps side of the wall.

The trick is to take rBuilder, which was created to manage intra-system dependencies for the hypervisor, operating system, and application stacks that run on them (or that get pushed out to the cloud) and expand it out to handle inter-system dependencies for multi-tier applications. This work is being done at rPath under a year-long effort known as Project Javelin.

The future rBuilder repository will manage applications at the service levels that business managers think of them in, not the system-level constructs that IT managers use as they think and talk about the same applications. That repository will also manage all of the configuration data for systems - IP addresses, storage arrays, and so forth - just like it manages software elements in an application stack today. So, if someone makes a mistake changing network or storage settings, it can be instantly rolled back.

Project Javelin will also include self-service provisioning of applications and the physical and virtual iron that supports those apps. The idea, says Sorofman, is to let lines of business and their application-development groups take control of the deployment, maintenance, and retiring of infrastructure to support those applications - all with the policies controlled centrally by the IT department so they can't do something stupid.

Sorofman says that rPath has 75 customers today, with 63 of them being ISVs. But 90 per cent of the company's current business pipeline is for customers trying to figure out how to use rPath as a version-control system for their own apps. Project Javelin, the company hopes, will give it a bigger foot to get into the doors of the data center and the boardroom.

High trust - well, no, actually

HyTrust, which peddles appliances that lock down access to virtual machines and provides an audit trail for the things system administrators do as they change around hypervisors and VMs, kicked off the 1.5 release of its appliance during VMworld.

With the HyTrust 1.5 release, VMware's ESX Server 4.0 and ESXi 4.0 hypervisors can be put under control of the appliance; the 1.0 release of the appliance that was announced in May only supported the ESX Server 3.5 hypervisor. The HyTrust 1.5 appliance also can support VMware's Distributed Switch, which is embedded into the ESX Server hypervisor and which virtualizes network connections; the 1.5 appliance also supports the Nexus 100V virtual switch created by Cisco for its "California" Unified Computing System.

The HyTrust 1.5 appliance also includes two-factor authentication for access to VMs, so administrators can be asked not only for a user name and password but also for a security token (like the kind that financial firms often use to restrict access to systems). It can also wrap metadata around virtual machines and their resources to better organize and manage those VMs. With this feature, you can ensure that a certain admin can only create VMs that run on specific servers and can be linked to specific networks and storage.

Eric Chiu, president and chief executive officer at HyTrust, says the appliance will be tweaked to support the XenServer hypervisor from Citrix Systems in the second quarter, and will eventually support Microsoft's Hyper-V hypervisor. The HyTrust 1.5 appliance can be acquired as a virtual appliance running inside an ESX Server VM for $3,500 (the appliance is coded in Java and is tuned for Linux), or on a literal hardware appliance for $7,500. You pay an additional $500 per socket per server under management on top of this to use the appliance. Chiu says that the appliance can support hundreds of ESX Server hypervisors per instance, and that the typical ESX Server instance has around ten VMs these days, so you are talking about being able to manage the access to thousands of VMs. ®